Uber hacked, data for 57 million people exposed

Posted November 23, 2017

Uber is under fire for hiding a breach of personal information, for a year!

Two hackers reportedly accessed a private Github site used by Uber engineers, stole login credentials, and accessed driver and rider data stored on an Amazon Web Services account.

Uber passengers need not worry as there was no evidence of fraud, while drivers whose license numbers had been stolen would be offered free identity theft protection and credit monitoring, Uber said. Part of the reason nothing malicious has happened is because Uber acknowledges paying the hackers $100,000 to destroy the stolen information. The Uber data breach was concealed by the company for more than a year, according to the report, thanks to efforts by the company's former CSO and another member of the infosec team. In the blog post addressing the data breach, Khosrowshahi said that outside forensics experts did not think that rider's locations, credit card numbers, bank accounts, and social security numbers had been taken.

Kalanick, who at the time was CEO, learned of the breach a month after it occurred.

More news: Jude Law in Talks to Join Brie Larson in 'Captain Marvel'

A spokesman for Transport for London, which this year announced it would not be renewing Uber's licence in the capital, said: "We are working to gain clarity from Uber on whether any of the issues seen in the USA have occurred here". The ride-share network has come under fire in the a year ago for various things, including breaking Apple's terms of use in order to "spy" on users. Potential exposure under the NDB scheme is only likely to exacerbate the concerns, with significant penalties for Australian companies that fail to protect customers' PII or fail to quickly take appropriate steps after a breach.

Amy Spitalnick, spokeswoman for Attorney General Eric Schneiderman, confirmed the probe Wednesday, but would not comment further.

If you're a user of Uber, it's possible your personal information was hacked in 2016 without you even knowing.

But viewing this data breach cover up as an incident that only Uber could commit misses the writing on the wall.

More news: Bomb blast kills worshippers in Adamawa mosque

Khosrowshahi said the company fired two individuals who led security response.

Khosrowshahi said in an emailed statement that Uber secured its systems and implemented new security measures after the attack.

"It doesn't appear that happened here", he said.

"We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers".

More news: Lebanon's Hariri holds talks with Egypt President Sisi in Cairo

A spokesman from Uber said the company is in the process of notifying various regulatory and government authorities.